Privacy policy of the boosterhub.pl website

GENERAL PROVISIONS
The controller of personal data collected via the boosterhub.pl website is NBS Progress Sp. z o.o., registered office address: ul. Ofiar Oświęcimskich 19A, 50-069 Wrocław, address for service: , entered into the register of entrepreneurs under the KRS number: 0000566929, NIP: 8971811018, REGON: 362033097, having share capital in the amount of: PLN 20.000,00, e-mail address: kontakt@boosterhub.pl, hereinafter referred to as “Controller”, who is also the Service Provider. , place of business: Aleja Kalifornijska 1, 55-020 Rzeplin, address for service: Aleja Kalifornijska 1, 55-020 Rzeplin, NIP: 8971811018, REGON: 362033097, e-mail: kontakt@boosterhub.pl, hereinafter referred to as “Controller”.
Personal data collected by the Controller via the website are processed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of individuals with regard to the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as the GDPR and the Personal Data Protection Act of 10 May 2018.
TYPE OF PERSONAL DATA PROCESSED, PURPOSE AND SCOPE OF DATA COLLECTION
PURPOSE OF PROCESSING AND LEGAL BASIS. The Controller processes personal data through the boosterhub.pl website in case of:
use of the contact form by the user. Personal data shall be processed on the basis of Article 6(1)(f) of the GDPR as a legitimate interest of the Controller.
subscription to the Newsletter by the user in order to receive commercial information electronically. Personal data shall be processed with separate consent pursuant to Article 6(1)(a) of the GDPR.
TYPE OF PROCESSED DATA. The Controller processes the following categories of user`s personal data:
Full name,
Adress (of residence),
E-mail adress;
Phone number,
DATA RETENTION PERIOD. Users’ personal data is stored by the Controller:
where the processing is based on the performance of an agreement, for as long as is necessary for the performance of the agreement and thereafter for a period corresponding to the period of limitation of claims. Unless otherwise specified in a special provision, the limitation period shall be six years and, for claims for periodic benefits and for claims relating to establishment – three years.
in case the data processing is based on consent, until the consent is revoked, and after revoking the consent for a period of time corresponding to the limitation period of claims that can be made by the Controller and that can be made against him. Unless otherwise specified in a special provision, the limitation period shall be six years and, for claims for periodic benefits and for claims relating to establishment – three years.
When using the website, additional information may be collected, in particular: IP address assigned to the user’s computer or external IP address of the Internet provider, domain name, browser type, access time, operating system type.
Navigation data may also be collected from users, including information about the links they choose to click on or other actions taken on the website. The legal basis for this type of activity is the legitimate interest of the Controller (Article 6(1)(f) of the GDPR), consisting in facilitating the use of services provided by electronic means and improving the functionality of these services.
Providing personal data by the user is voluntary.
Personal data will also be processed automatically in the form of profiling, provided that the user agrees to it pursuant to Article 6(1)(a) of the GDPR. The consequence of profiling will be to assign a profile to a person in order to make decisions about them or to analyse or predict their preferences, behaviour and attitudes.
The Controller shall take particular care to protect the interests of the data subjects and shall ensure, in particular, that the data are:
processed lawfully,
collected for specified, legitimate purposes and not subjected to further processing incompatible with those purposes,
substantially correct and appropriate in relation to the purposes for which they are processed and kept in a form which permits identification of the persons concerned for no longer than is necessary to achieve the purpose of the processing.
SHARING PERSONAL DATA
Users’ personal data are passed on to the service providers used by the Controller to run the website. Service providers to whom personal data are transferred, depending on the contractual arrangements and circumstances, are either subject to the Controller’s instructions as to the purposes and methods of processing these data (processors) or define the purposes and methods of their processing (administrators).
Your personal data is stored exclusively in the European Economic Area (EEA).
RIGHT OF CONTROL, ACCESS TO AND CORRECTION OF OWN DATA
The data subject has the right to access its personal data and the right to rectify, delete, limit processing, the right to transfer data, the right to object, the right to withdraw consent at any time without affecting the lawfulness of the processing that has been carried out based on consent before its withdrawal.
Legal grounds for user requests:
Access to data – Article 15 of the GDPR
Correction of data – Article 16 of the GDPR
Deletion of data (the so-called right to be forgotten) – Article 17 of the GDPR.
Restriction of processing – Article 18 of the GDPR.
Data transfer – Article 20 of the GDPR.
Objection – Article 21 of the GDPR
Withdrawal of consent – Article 7(3) of the GDPR.
In order to exercise the rights referred to in point 2, an appropriate e-mail may be sent to: kontakt@boosterhub.pl.
If the user exercises the right resulting from the above rights, the Controller shall comply with the request or refuse to comply with it immediately, but no later than within one month after receiving it. However, if – due to the complexity of the request or the number of requests – the Controller will not be able to fulfill the request within one month, it will fulfill it within the next two months, informing the user in advance within one month of receiving the request – about the intended extension of the deadline and its reasons.
If it is found that the processing of personal data violates the rules of the GDPR, the data subject has the right to lodge a complaint with the President of the Office for Personal Data Protection.
COOKIES
The Controller’s website uses “cookies”.
The installation of “cookies” is necessary for the proper provision of services on the website. Cookies contain information necessary for the proper functioning of the website, and they also provide an opportunity to compile general statistics on website visits.
The website uses session and persistent type of “cookies”.
“Session” cookies are temporary files that are stored on the user’s terminal device until the user logs out (leaves the site).
“Persistent” cookies are stored in the user’s terminal device for a period of time specified in the parameters of cookies or until the user removes them.
The Controller uses its own cookies to better understand how the user interacts with the site content. The files collect information about the user’s use of the website, the type of website from which the user was redirected, the number of visits and the time the user visits the website. This information does not record specific personal data of the user, but is used to compile statistics on website usage.
The user has the right to decide on the access of “cookies” to its computer by selecting them in the window of its browser. Detailed information about the possibilities and ways of handling “cookies” can be found in the software (browser) settings.
FINAL PROVISIONS
The Controller shall apply technical and organisational measures ensuring the protection of the processed personal data appropriate to the threats and categories of data subject to protection, and in particular it shall protect the data against unauthorised access, taking away by an unauthorised person, processing in breach of the applicable regulations and alteration, loss, damage or destruction.
The Controller shall make available appropriate technical means to prevent the acquisition and modification by unauthorized persons of personal data sent electronically.
In matters not covered by this Privacy Policy, the provisions of the GDPR and other relevant provisions of Polish law shall apply accordingly.